On Tue, 10-Feb-2015 at 13:49:23 +0300, Lev Serebryakov wrote:
> On 10.02.2015 00:21, Andre Albsmeier wrote:
>
> > The ipfw man page says:
> >
> > Usually a simple rule like:
> >
> > # reassemble incoming fragments ipfw add reass all from any to any
> > in
> >
> > is all you need at the beginning of your ruleset.
> >
> > However, I could never make this work. It eats all fragments but
> > the resulting final packet never makes it. I am back to
> >
> > ipfw -q add 1 pass udp from any to $myip frag in recv $ifc
> >
> > as I need it only for UDP. Frag reassembly in pf works well on the
> > other hand...
> reass works for me, but kills all IPv6 packets, so it should be "reass
> ip4 from any to any in [recv $iface]"
Hmm, I tried again with ipv4 but this doesn't help (I don't use v6
anyway here). But it seems to work as soon as I switch off layer2
filtering. Normally I use net.link.ether.ipfw=1 (and, yes, I have
the appropriate arp rules installed). As soon as I switch this to
off, reassembly works. However, I have no idea why the reass code
messes around with layer2...
-Andre
>
>
> --
> // Lev Serebryakov AKA Black Lion
--
"FreeBSD has always been the operating system that
GNU/Linux-based operating systems should have been."
- Frank Pohlmann, IBM
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
